Early FIPS certification won't stem feds' migration to Android, iOS.

RIM's BlackBerry and PlayBook devices still are the only mobile devices with "authority to operate" on DOD networks. That could end soon.

Sean Gallagher

Research In Motion is still at least three months from shipping phones based on its new BlackBerry 10 mobile operating system. But the company has shipped at least one thing in time for Christmas—a government security certification for its unreleased phones.

In an effort to stem losses from its most loyal base—government agencies—RIM announced today that BlackBerry 10 devices had received Federal Information Processing Standard (FIPS) 140-2 certification for their cryptographic modules. FIPS 140-2 is a basic requirement for any device to be used by US federal agencies for "sensitive" communications—which includes internal unclassified email and voice communications.

FIPS certification has long been RIM's foot in the door with government customers, and it's why BlackBerry has remained dominant in the government market as its overall market position eroded. But that dominance is now threatened—in part because of RIM's loss of market share everywhere else.

In October, the Immigration and Customs Enforcement Agency (ICE) announced it would be replacing over 17,000 BlackBerry devices issued to employees with Apple iPhones. ICE officials listed RIM's declining market share and concerns about the company's long-term viability among the reasons for the agency's switch.

The Defense Department—RIM's single largest government customer—is also contemplating cutting ties with BlackBerry. On October 22, the Defense Information Systems Agency took the first step in its plans to integrate iPhones and Android devices into DOD networks, issuing a request for proposals for a mobile device management system for up to 262,500 mobile devices that must support iOS and Android. Support for BlackBerry, Microsoft Windows Phone 8, and Windows 8 RT devices is mentioned in the RFP as a desired option, but not required. The deadline for proposals—November 27—has vendors scrambling to pull together their bids.

Enlarge/ Screen shots from the U.S. Army's Morale, Welfare and Recreation Programs app for iOS, one of nine Army apps in Apple's iOS App Store.

That's because many Army recruits—and other government employees—are already carrying their own personal Android and iOS devices. Apple is making other inroads with iOS in the government tablet market—the Department of Veterans Affairs has adopted the iPad in its hospitals, for example. And while the Department of Health and Human Services has turned up a nose at Android, it has embraced iOS and Windows Phone alongside its BlackBerry fleet.

All of that spells trouble for RIM, regardless of BlackBerry 10's preshipping stamp of crypto-approval. While the most secure phones used by government officials may still carry the BlackBerry logo, it could be just a matter of time before the "ObamaBerry" gets traded in for an iPhone or "ObamaDroid."

We develop a number of software products, including iOS and Android apps. I was floored when one of our large defense customers informed us last year that they're going to be sticking with Blackberry for the foreseeable future. Maybe (hopefully!) this will change things.

Anecdote: My agency is gently escorting RIM to the door. IT's started advertising a BYOD program, where you can replace your blackberry with an iOS app that gives you secure access to work calendar/mail from your personal phone.

Android need not apply, unfortunately. The memo cited security as the reasoning for that.

I haven't applied for the program; I'm not in an on-call position, and I have no desire to make myself on-call just by being available.

Sean, this article is pretty biased. The information about the FIPS stuff is interesting and its good that they are looking at competitive options but the opinionated RIM is doomed tone is a bit much.

Seconded. I just checked the author's biography — it confirmed my suspicions that the author is a United States citizen, educated and living in the USA, who "wrote ... his first database app on a dual-floppy Apple II". Perhaps this article's tone, along with the general attitude I'm seeing from other AMERICAN news sources (though rarely elsewhere) — "Blackberry? Run for the doors... Apple? They'll have what we want next year, just wait for it (ignore those insignificant map foibles now, who cares about that)..." — perhaps this general hypocrisy we're seeing from American sources might have been different if either the author had been Canadian or if Blackberry had been a US corporation. In addition to ACTUAL threats to BB's position (Samsung SAFE, iOS FIPS); I'm observing a whispering campaign about Blackberry, actively trying to kaibosh their chances of retaining market confidence, during this critical time when they're concentrating on making sure BB10 will be a hit, unlike the first Playbook that was rushed out of the door by the previous CEO.

Here are the current FACTS, so far as I can gather them on Google:http://forum.n4bb.com/discussion/783/wo ... low-to-rim• Blackberry 10 is FIPS certified.• iOS (which has been out for years) isn't quite FIPS-certified yet.It's pretty clear which company takes security more seriously.

Surely, if SECURITY was the government's main concern and if contracts were pragmatically assessed, there wouldn't even be any US government agency even LOOKING at the iPhone yet? They would surely be waiting for final FIPS approval, and waiting for a first peep at BB10; before making any moves...Don't get me wrong; I think Apple hardware is excellent and their attention to detail with ergonomics is second to none. Only, they're not FIPS certified yet. And Blackberry is... So people like me, for whom security is the #1 consideration (with price, features and UI a close second); Blackberry is currently the only serious option for my next phone, even if I have to wait.

Mydrrin wrote:

I'm hoping they do well. More alternatives shifting through the ether of technology, the more chance to get improvements.

— Moreover, more competition means more bulk discounts for big customers like government departments. As soon as you fall in love with a particular platform (even a patriotic American one like Apple that makes their products in China), your scope for negotiating a decent bulk discount (or, a decent price for the tax payer) disappears. The salesman detects that he has you hooked already... More options on the table during bidding & negotiation = a better deal.

DISCLOSURE: I hold a small number of shares in NASDAQ:RIMM (small enough that we won't be in trouble if I lose them, but big enough to constitute a serious bet on RIM succeeding big-time with BB10...) I'm effectively betting that with the value of a BB10 phone in RIM shares, my shares will pay for my next phone some time next year... This is like Kickstarter but with a traditional twist, and perhaps with better regulation!

We develop a number of software products, including iOS and Android apps. I was floored when one of our large defense customers informed us last year that they're going to be sticking with Blackberry for the foreseeable future. Maybe (hopefully!) this will change things.

It looks like a mash up of iOS and Android with a physical keyboard. I guess aesthetics is different in RIM world. Considering the government needs to concern itself with security, why doesn't it just make it's own phone OS? They could probably base it off Android, Maemo, or simply linux and add in the necessary security components, they could also leave off any undesired features (ex: Camera, NFC) while still using a smart phone.

...Competition is always good (for the consumer) - a 4 player game would be much better than a 2 or 3 player game.

I've found in practice (in doing business) that 3 (three) is like a magic number when it comes to competition... Perhaps this is because two potential suppliers might collude (sometimes only effectively, without even realising what they're doing); but with three around the table, no two of them can be sure whether the third might break their unspoken mutual expectations and undercut/outperform them! Perhaps someone who has studied game-theory properly can offer a more formal or rigorous explanation for my observations?

In addition to supplier negotiations, this general principle works in other environments. When I was first out of university and did temporary contract work with agencies, I found that despite being well qualified, as long as I was only on the books of TWO agencies, they both effectively ignored me... But as soon as I was registered with THREE agencies, they were all competing to be the first to place me with their clients, fearful that one of the other agencies would race them and lock them out of a well-qualified candidate's schedule & commission for a while! It was weird to see how the transition from two to three competitors could have such an marked effect on results!

Four-way competition is really hot too... That takes the innovation & business competition up to another level, especially in markets that effectively only have room for three big players plus a number of somewhat smaller ones...

Besides FIPS 140-2, BB10 is designed to keep government/business data separate from personal data. Without this feature, the BYOD is eventually doomed. Data will leak and the legal fees will far outweigh any cost sayings from BYOD.

Sean, this article is pretty biased. The information about the FIPS stuff is interesting and its good that they are looking at competitive options but the opinionated RIM is doomed tone is a bit much.

Seconded. I just checked the author's biography — it confirmed my suspicions that the author is a United States citizen, educated and living in the USA, who "wrote ... his first database app on a dual-floppy Apple II". Perhaps this article's tone, along with the general attitude I'm seeing from other AMERICAN news sources (though rarely elsewhere) — "Blackberry? Run for the doors... Apple? They'll have what we want next year, just wait for it (ignore those insignificant map foibles now, who cares about that)..." — perhaps this general hypocrisy we're seeing from American sources might have been different if either the author had been Canadian or if Blackberry had been a US corporation. In addition to ACTUAL threats to BB's position (Samsung SAFE, iOS FIPS); I'm observing a whispering campaign about Blackberry, actively trying to kaibosh their chances of retaining market confidence, during this critical time when they're concentrating on making sure BB10 will be a hit, unlike the first Playbook that was rushed out of the door by the previous CEO.

For the sake of full disclosure, I wrote my first program on a DEC PDP-11. And I was a computer security officer in the Navy, and an early BlackBerry adopter. I am assessing RIM's chances here based on observations of market forces and things I've heard from friends still in the government, not on some Apple fanboy-hood. I stopped using a BlackBerry when I no longer had an enterprise mail server to connect to it with—and then only after the phone took a 10-foot drop from my pocket down a flight of stairs.

Quote:

Here are the current FACTS, so far as I can gather them on Google:http://forum.n4bb.com/discussion/783/wo ... low-to-rim• Blackberry 10 is FIPS certified.• iOS (which has been out for years) isn't quite FIPS-certified yet.It's pretty clear which company takes security more seriously.

Surely, if SECURITY was the government's main concern and if contracts were pragmatically assessed, there wouldn't even be any US government agency even LOOKING at the iPhone yet? They would surely be waiting for final FIPS approval, and waiting for a first peep at BB10; before making any moves...Don't get me wrong; I think Apple hardware is excellent and their attention to detail with ergonomics is second to none. Only, they're not FIPS certified yet. And Blackberry is... So people like me, for whom security is the #1 consideration (with price, features and UI a close second); Blackberry is currently the only serious option for my next phone, even if I have to wait.

Mydrrin wrote:

I'm hoping they do well. More alternatives shifting through the ether of technology, the more chance to get improvements.

— Moreover, more competition means more bulk discounts for big customers like government departments. As soon as you fall in love with a particular platform (even a patriotic American one like Apple that makes their products in China), your scope for negotiating a decent bulk discount (or, a decent price for the tax payer) disappears. The salesman detects that he has you hooked already... More options on the table during bidding & negotiation = a better deal.

DISCLOSURE: I hold a small number of shares in NASDAQ:RIMM (small enough that we won't be in trouble if I lose them, but big enough to constitute a serious bet on RIM succeeding big-time with BB10...) I'm effectively betting that with the value of a BB10 phone in RIM shares, my shares will pay for my next phone some time next year... This is like Kickstarter but with a traditional twist, and perhaps with better regulation!

It looks like a mash up of iOS and Android with a physical keyboard. I guess aesthetics is different in RIM world. Considering the government needs to concern itself with security, why doesn't it just make it's own phone OS? They could probably base it off Android, Maemo, or simply linux and add in the necessary security components, they could also leave off any undesired features (ex: Camera, NFC) while still using a smart phone.

Have you heard about the mess the US government made designing their own digital army radio?http://arstechnica.com/information-tech ... h-project/— This is typical of government-managed IT projects. By contrast, the mobile telephone industry is a shining example of the comparative efficiencies of the free market. The free market's cycles of creative destruction are perfect for incrementally meeting the complex demands of high-tech projects like this...

It looks like a mash up of iOS and Android with a physical keyboard. I guess aesthetics is different in RIM world. Considering the government needs to concern itself with security, why doesn't it just make it's own phone OS? They could probably base it off Android, Maemo, or simply linux and add in the necessary security components, they could also leave off any undesired features (ex: Camera, NFC) while still using a smart phone.

It looks like a mash up of iOS and Android with a physical keyboard. I guess aesthetics is different in RIM world. Considering the government needs to concern itself with security, why doesn't it just make it's own phone OS? They could probably base it off Android, Maemo, or simply linux and add in the necessary security components, they could also leave off any undesired features (ex: Camera, NFC) while still using a smart phone.

Have you heard about the mess the US government made designing their own digital army radio?http://arstechnica.com/information-tech ... h-project/— This is typical of government-managed IT projects. By contrast, the mobile telephone industry is a shining example of the comparative efficiencies of the free market. The free market's cycles of creative destruction are perfect for incrementally meeting the complex demands of high-tech projects like this...

Time to put down Ayn Rand. Telecom is hardly a free market with creative destruction, at least regarding GSM and LTE. Rather a standards committee is formed, a standard is approved, and then the free market tries to implement the standard.

If you bothered to read the referenced article, you would note that the standard for this radio was a moving target.

SDR is really a bad idea if you want reliability. All software has bugs. Now DSP radios have their place. If you examine the early DSP radios, they were a pure hardware implementation of DSP that attempted to remove the majority of tuned circuits in a radio. That is, at the IF stages. This was to produce a radio that would be stable over temperature and mechanical shock. It did so at vastly increased power. In avionics, power isn't as much of a problem as is waste heat. Increased dependence on computers in fighter type aircraft recently showed up as a problem in either the F-22 or F-35 (I forget which). The aircraft uses its fuel to cool electronics, and the plane hits bingo (time to RTB [return to base]) due to the cooling requirement rather than running out of fuel.

For the sake of full disclosure, I wrote my first program on a DEC PDP-11.

...On your abbreviated bio, which I read...

seanmgallagher wrote:

And I was a computer security officer in the Navy, and an early BlackBerry adopter. I am assessing RIM's chances here based on observations of market forces and things I've heard from friends still in the government, not on some Apple fanboy-hood.

— We're obviously picking up on different news & observations etc. Could be something to do with that American perspective thing I've observed (like, the distortion field is expanding to cover almost your entire continent! I just wonder when it will burst?) You'd be amazed how different the news can be, on different sides of the Atlantic! I've been reading from both American and European sources in equal measure (I don't have as many government connections as you, but there appear to be a few fellows here in this comment thread with alternative perspectives on the attitudes of various US government departments).

seanmgallagher wrote:

I stopped using a BlackBerry when I no longer had an enterprise mail server to connect to it with—and then only after the phone took a 10-foot drop from my pocket down a flight of stairs.

—So you'd still be using it if not for that 10-foot drop? What triggered the loss of the enterprise mail server — leaving a previous employer? Or RIM losing a customer?Much has been said about RIM's alleged secret cooperation with various governments (which is interesting in itself, since the government doesn't appear to particularly NEED the active cooperation of other phone manufacturers/ network operators); but as I just explained, this only increases my confidence in their general infrastructure. I'd be happy running a Blackberry on the regular servers run for the public/consumers by RIM themselves.

— Thanks for the update! That's very interesting (I'm not sure how to read those things, but I'll figure it out or trust you). It's taken Apple a while (it's possibly not been as high a priority for them as for RIM), but they got there in the end (the timing is just perfect for Apple — perhaps not accidentally — but I think BB won't be far behind: the FIPS certification and the interaction with their developer community basically prove that BB10 exists, at least in some core form with a few details to be worked out?) Even if we consider Apple and others to be the equal of RIM on FIPS certification etc., I still don't understand how any serious person can trust GSM (which we all know was designed with broken security, and exploited regularly by law enforcement in some countries soon after its introduction).

Sorry, I forgot about that article! I seriously think the press has overblown the downside to RIM's BB10 delays. As a system designer, based on what I've seen of Mike Lazaridis / Thorsten Heins; I'm convinced that alongside appropriate pressure to perform, they're giving their remaining engineers some space to do something wonderful... Remains to be seen of course...

We sell hardware and provide services to SMB's and local governments and related organizations. We actively discourage our customers from using Blackberry. Why? A few outages that are quite unacceptable, BES that in our opinion sucks and devices that do not offer anything that iOS, Android or even WP devices cannot do at least as good and usually better. Ease of use of ActiveSync simply outweighs the better security BES offers. BB10 is said to have fullblown ActiveSync support for those who want it so we'll likely fully support that - BB10 with ActiveSync but not with Mobile Fusion. For small organizations the burden of running an extra server is just not worth it. Still, I hope RIM stays around as a viable player and not just for some niche market. IMO 4 the market in the West is big enough for 4 mobile OS's.

Anecdote: My agency is gently escorting RIM to the door. IT's started advertising a BYOD program, where you can replace your blackberry with an iOS app that gives you secure access to work calendar/mail from your personal phone.

Android need not apply, unfortunately. The memo cited security as the reasoning for that.

That's a good call with android. Apple's security model is a *lot* better.

In the hands of a geek, android is fine. In the hands of your typical jarhead it's nowhere near secure enough.

...Have you heard about the mess the US government made designing their own digital army radio?http://arstechnica.com/information-tech ... h-project/— This is typical of government-managed IT projects. By contrast, the mobile telephone industry is a shining example of the comparative efficiencies of the free market. The free market's cycles of creative destruction are perfect for incrementally meeting the complex demands of high-tech projects like this...

Time to put down Ayn Rand. Telecom is hardly a free market with creative destruction, at least regarding GSM and LTE. Rather a standards committee is formed, a standard is approved, and then the free market tries to implement the standard.

If you bothered to read the referenced article, you would note that the standard for this radio was a moving target.

• Who? I didn't even know who Ayn Rand was (just looked her up on Wikipedia), and I do believe that governments typically do SOME big things much better than the private sector — I'm a pragmatic centrist if you really care;• I did read the article concerned (perhaps the government could make a success of an IT/tech project if they copied some of the best-practices and de-facto standards from industry) — in fact I read it very carefully as I take a particular interest in these things. (Changing the specification is typical government behaviour, especially in a multi-party parliamentary democracy where the party that commissions a system like this is unlikely to be in power for long enough to complete it!)

beebee wrote:

SDR... DSP... This was to produce a radio that would be stable over temperature and mechanical shock. It did so at vastly increased power... The aircraft uses its fuel to cool electronics, and the plane hits bingo (time to RTB [return to base]) due to the cooling requirement rather than running out of fuel.

We're obviously picking up on different news & observations etc. Could be something to do with that American perspective thing I've observed (like, the distortion field is expanding to cover almost your entire continent! I just wonder when it will burst?) You'd be amazed how different the news can be, on different sides of the Atlantic!

Taste of your own medicine, you'd be amazed how different the story is in Australia. Blackberrys are for sale in almost every electronics store in my city, but I do not know anyone who has ever owned a blackberry and the only person I've ever seen using one was a tourist in the departure lounge of an international airport.

Maybe in whatever small european country you come from, blackberry is a big deal. But worldwide it isn't. Blackberry and Nokia both had solid reliable growth until 2010 and then they both started plummeting and are not showing any signs that will ever change. BB's marketshare used to be 22%, a few months ago it was 6% (I can't find more recent figures). At the current rate, by this time next year it is likely to be 1%.

You seem to think BB10 will reverse their tailspin, but haven't provided any evidence to back it up. Come back to me in a year, and we'll see where blackberry is. I have nothing personal for or against them, all I see is plummeting sales from a company that has never produced good phone software but has decent enterprise infrastructure. Now they claim to have good phone software, but I'll believe it when I see it.

I think a distinct lack of third party apps will be the nail in the coffin. Blackberry should have switched to android on day one, and now it's too late. Their only hope, in my opinion, is to start offering cross platform enterprise services - but they show no sign of doing that.

And if you think I'm critical of Blackberry's future, you should see what the experts think. Asymco, who spent much of his career working inside Nokia helping predict their own future prospects, has been predicting Blackberry's doom since years before their sales actually started to fall. Everything he's said about blackberry has been backed up with solid research and it's all come true so far. His current take on blackberry is that they are in a vicious cycle that is impossible to escape from, no other corporation has ever survived the kind of trouble they are in.

— Thanks for the update! That's very interesting (I'm not sure how to read those things, but I'll figure it out or trust you). It's taken Apple a while (it's possibly not been as high a priority for them as for RIM), but they got there in the end

They haven't got there yet... but let me tell you, as someone intimately familiar with the iOS security model, they really do care about security. It is hands down the most secure operating system I have ever worked with. There are encryption keys and sandboxes and blocked services and data you can't access without permission all throughout iOS. It's completely locked down to the point it drives developers nuts, because they can't do most of the stuff they're used to on other platforms. Apple is opening things up one at a time, but whenever they open something up they always introduce a new security layer to keep it locked down.

Unlike blackberry however, Apple doesn't care much about being certified. The certification is just a sticker, which most people don't care about anyway. What really matters is the security, and being tested for FIPS conformance does not change the security of the platform.

matthewslyman wrote:

I still don't understand how any serious person can trust GSM (which we all know was designed with broken security, and exploited regularly by law enforcement in some countries soon after its introduction).

Nobody trusts GSM. Anybody who knows what they're doing is using SSL to encrypt all traffic sent over the internet, whether it's GSM, WiFi, or Ethernet (which is the least secure of them all).

Also, GSM is pretty secure if you have a modern phone. Most of the security compromises come from the fact it needs to be compatible with hardware that was cheap a decade ago. With a modern phone you are using newer versions of the protocol, and security is pretty decent. But still, everyone uses SSL anyway for important stuff.

...Have you heard about the mess the US government made designing their own digital army radio?http://arstechnica.com/information-tech ... h-project/— This is typical of government-managed IT projects. By contrast, the mobile telephone industry is a shining example of the comparative efficiencies of the free market. The free market's cycles of creative destruction are perfect for incrementally meeting the complex demands of high-tech projects like this...

Time to put down Ayn Rand. Telecom is hardly a free market with creative destruction, at least regarding GSM and LTE. Rather a standards committee is formed, a standard is approved, and then the free market tries to implement the standard.

If you bothered to read the referenced article, you would note that the standard for this radio was a moving target.

• Who? I didn't even know who Ayn Rand was (just looked her up on Wikipedia), and I do believe that governments typically do SOME big things much better than the private sector — I'm a pragmatic centrist if you really care;• I did read the article concerned (perhaps the government could make a success of an IT/tech project if they copied some of the best-practices and de-facto standards from industry) — in fact I read it very carefully as I take a particular interest in these things. (Changing the specification is typical government behaviour, especially in a multi-party parliamentary democracy where the party that commissions a system like this is unlikely to be in power for long enough to complete it!)

beebee wrote:

SDR... DSP... This was to produce a radio that would be stable over temperature and mechanical shock. It did so at vastly increased power... The aircraft uses its fuel to cool electronics, and the plane hits bingo (time to RTB [return to base]) due to the cooling requirement rather than running out of fuel.

—Fascinating! Thank you. Looking forward to your next post...

The role of government of a capitalist system is to keep level playing fields. Keeping monopolies out. Something that has been sorely lacking lately, with the massive deregulation drives since the 80's.

Without government we wouldn't have standards or standards agencies. It's developing and maintaining their strength that helps make the capitalist system good, and level playing fields.

It may very well be too late for RIM. They simply took too long to take Droid and iPhone seriously. Now they are a solid 2-3 generations BEHIND the other phones! Even if they think they can re-crack the corporate/gov't market, it's not enough. They still need to convince the CONSUMER market.

iPhone (Though I'm not a fan) is the best bet because they have a CLOSED system. Android COULD be great, but the carriers are given too much leeway to screw them up! If Droids became affordable on the open market as INDEPENDENT devices they could fix the security in short order. Compatibility among apps too that iOS currently enjoys. The problem is the carriers in the middle that want draconian control that gets in the middle and makes the weak link. Apple's devices are kept just open enough to buy accessories, but closed enough to where they're not for true power users.

It really comes down to if the phones were out of the carrier's hands the carriers would lose a LOT of money because they would have less control over the phones. It's that control however that is compromising their SECURITY and making them more vulnerable to attacks. I think eventually it will go that way, but it's going to take probably a solid decade until the consumers get hip enough to demand it.

(Re: iOS/FIPS)...They haven't got there yet... but let me tell you, as someone intimately familiar with the iOS security model, they really do care about security. It is hands down the most secure operating system I have ever worked with. There are encryption keys and sandboxes and blocked services and data you can't access without permission all throughout iOS. It's completely locked down to the point it drives developers nuts, because they can't do most of the stuff they're used to on other platforms. Apple is opening things up one at a time, but whenever they open something up they always introduce a new security layer to keep it locked down.Unlike blackberry however, Apple doesn't care much about being certified. The certification is just a sticker, which most people don't care about anyway. What really matters is the security, and being tested for FIPS conformance does not change the security of the platform.

— Perhaps FIPS 140 should be updated. If Apple is pragmatically better, then the testing regime should effectively give them a better grade...I do see your point about Apple not caring about stickers though (there was that fuss over the environmental certification a few months ago — before they realised that people actually care about those certifications, and did a U-turn).

abhi_beckert wrote:

Also, GSM is pretty secure if you have a modern phone. Most of the security compromises come from the fact it needs to be compatible with hardware that was cheap a decade ago. With a modern phone you are using newer versions of the protocol, and security is pretty decent. But still, everyone uses SSL anyway for important stuff.

The iPhone and iPad were in FIPS conformance testing as of August. And iOS devices with Good Technology's secure email are covered under DOD STIGs.

I really really hope that Good have fixed the issues they had a couple of years ago. I'm aware that they had some pretty nasty problems, even if their crypto core was FIPS 140 approved. (see http://thomascannon.net/projects/android-reversing/ for details - note this isn't my work). I ended up writing a PoC app to extract decrypted attachments from GfE while the GfE app itself was locked.

I've had a slightly closer look at some of these documents now. Some of them are marked DRAFT in bold red capitals, and recently dated (like, last week). Take a look here too (updated 5th November):http://csrc.nist.gov/groups/STM/cmvp/do ... rocess.pdf— iOS FIPS 140-1, 140-2 certification appears to be in the status, "Review Pending", as of the time of writing. In other words, iOS isn't really covered yet by FIPS 140-2, is it?

Further disclosure: I bought into NASDAQ:RIMM around 2nd/3rd October (well after the general anti-RIM, pro-Apple FUD campaign started on Reuters.com, etc.) I decided to do this, the week before reading the article (1st October) that you cite in your further disclosure...

We're obviously picking up on different news & observations etc. Could be something to do with that American perspective thing I've observed (like, the distortion field is expanding to cover almost your entire continent! I just wonder when it will burst?) You'd be amazed how different the news can be, on different sides of the Atlantic!

Taste of your own medicine, you'd be amazed how different the story is in Australia. Blackberrys are for sale in almost every electronics store in my city, but I do not know anyone who has ever owned a blackberry and the only person I've ever seen using one was a tourist in the departure lounge of an international airport.

Maybe in whatever small european country you come from, blackberry is a big deal. But worldwide it isn't. Blackberry and Nokia both had solid reliable growth until 2010 and then they both started plummeting and are not showing any signs that will ever change. BB's marketshare used to be 22%, a few months ago it was 6% (I can't find more recent figures). At the current rate, by this time next year it is likely to be 1%.

In the UK Blackberries are only popular with teenagers and criminals, mainly due to BBM being free and relatively secure. However because of this, UK Police have requested access to the BBM servers. Like nearly everywhere else, market share has plummeted.

....You seem to think BB10 will reverse their tailspin, but haven't provided any evidence to back it up. ...Their only hope, in my opinion, is to start offering cross platform enterprise services - but they show no sign of doing that.

Impossible? That is essentially the same recipe Apple followed. It isn't impossible. RIMs primary problem was that their execution of the plan has been slow. They didn't move resources to pivot fast enough in the beginning to limit the conversion to new direction. Right now the 'Osborne Effect' is killing them even with folks who might want to stay with the product. ( Pre-announcing products almost year in advance isn't going to help sales. )

If there was a mistake it was to chase after the tablet market. They should have left that alone (or at least buried in a lab). I think the previous management was looking for a new hypergrowth vehicle to distract folks away from their core problems. They only managed to fool themselves and wasted alot of time and resources.

I think folks are also forgetting the length outages BB had. Again lack of tactical execution. It is repetitively stumbling that has many large organizations backing away from them.

P.S. IMHO, the other major blunder was teaming up with Apple and Microsoft to keep Google from getting the Nortel patents. Throwing in with Google would have been a better move. If they lost to Apple and Microsoft's deeper pockets then RIM would still have the cash ( which they seriously need now away) and Apple/Microsoft would be slightly poorer. If they had won then Google may not have bought Motorola ( which would remove a competitor ). Or possibly interesting in selling parts of Moto Mobility to RIM that perhaps could be better leveraged by RIM (e.g., the set-top , some of the more enterprise stuff). Android's "open ecosystem" was always going to win long term. RIM should have been shooting for a solid 3rd place. Let Apple and Microsoft squabble over 2nd.

Sean Gallagher / Sean is Ars Technica's IT Editor. A former Navy officer, systems administrator, and network systems integrator with 20 years of IT journalism experience, he lives and works in Baltimore, Maryland.